Sharat Sinha, Vice President APAC, of Palo Alto Networks.
The best way to approach security is to shift away from 'trust but verify' to 'don't trust, always verify', says Sharat Sinha, Vice President APAC, of Palo Alto Networks.
What shortcomings do you see in the cyber security scenario today in terms of preparedness?
- Larger than necessary sphere of cyber security risks - Companies should reduce the sphere of their cyber security risks and only allow the traffic they need to operate their businesses on their networks. This will immediately reduce the scope of their security challenges by eliminating opportunities for malware to get into their networks. In this way, their security tools and teams can fully focus on detecting and stopping threats.
- Selecting a cyber security platform that does not enable adoption of new IT initiatives, like cloud and mobility - Don't use yesterday's technology to address today's and tomorrow's security challenges; the security level provided by legacy security systems - often fragmented - can be broken when emerging technologies are implemented, leaving your organisation at risk. Invest in a cyber security strategy and dedicated systems that show innovation and flexibility to evolve with technology trends, like cloud and mobile computing, and tackle new forms of cyber attacks like advanced persistent threats.
- Viewing security as an impediment to the business - Companies should transform security into a proactive and systematic practice of safely enabling technology and business initiatives: Evolve security from being an impediment to the business to being an enabler and even turns cyber security into a competitive advantage.
Is there a best way to approach cyber security? What could it be?
- Assume the network is not safe - For many organisations, the LAN is both the most sensitive and least secured network environment. Anyone can plug in a device and get network access. The way to approach security is the changing mindset towards what's allowed on the LAN, which is shifting away from "trust but verify" to "don't trust, always verify" and organisations could make use of segmentation and better application and user-aware access controls to do it.
- Application whitelisting - The best way to approach cyber security is by application whitelisting where applications are identified before they enter the network at the next generation firewall platform. Next generation firewalls have the capability to address APT attacks and have appropriate security policies in place to safely enable the desired applications. To comprehensively address cyber security related threats, the network security platform should have an integrated next generation firewall with integrated APT as the platform must have the capability to detect, prevent and remediate in case of any breach of security.
Sign up for CIO Asia eNewsletters.